On August 6, the National Technical Committee 260 on Cyber-security Standardization Administration of China (TC260) released the national standard "Data Security Technology — Data Interface Security Risk Monitoring Methods (Draft for Comment)" (the "Draft") for public comments until October 1, 2024.

The Draft provides methods for data interface security risk monitoring, including approaches, content, processes, etc., and specifies key monitoring points for each stage of data interface security risk monitoring. This standard is applicable to guiding data interface security risk monitoring activities carried out by various organizations. The Draft first clarifies the definition of data interface and abstracts the basic elements of a data interface from the roles and relationships of the parties involved in the data interface. Based on these basic elements, it proposes an overall framework for data interface risk monitoring methods, and further describes the monitoring approaches, principles, and processes within this framework.

(Source: National Technical Committee 260 on Cyber-security Standardization Administration of China (TC260))